Network attacks on computer networks and network-based services have become commonplace. These network attacks may be active attacks that attempt to affect the network's operation or passive attacks that attempt to obtain information from the network. There are many different types of network attacks, such as eavesdropping attacks, spoofing attacks, password-based attacks, Denial-of-Service (DoS) attacks, Man-in-the-Middle attacks and the like. Some network attacks, such as a DoS attack, are designed to disrupt or disable a network by flooding the network with large amounts of useless traffic. A successful DoS attack on a network may disable all or a portion of the network. For example, a network may become unreachable, the network may be slow to respond, a website may not be able to be reached and the like.
Defending against these network attacks can be very challenging. For example, network operators may include different types of security measures, such as deploying one or more firewalls to help prevent unauthorized traffic from entering a network. Network administrators may also create security policies, such as network Access Control Lists (ACLs), which may specify the network traffic that is authorized to flow through a point in the network. Managing these security measures for a large network-based service that includes a large number of computing resources presents even more challenges. For example, managing all of the different firewalls, routers, switches, network traffic rules that may be included in a large network is extremely difficult.
The disclosure made herein is presented with respect to these and other considerations.